Prepare the test data and environment for the security test.

Run the security test in CI, using a separate build from your normal functional testing builds. (This will allow you to run them in parallel.)

If the API passes all its security tests, then deploy it to production; otherwise, fail fast and roll back changes
https://t.co/aCXiM3mu16